Jump to content
TorGuard

Which Protocol is Better?

Rate this topic


taek

Recommended Posts

I currently use the UDP with Stealth using Cipher AES-256-GCM with TLS 3.1

Does the Wireguard provide the same security as the stealth protocol or should I continue to use the setup options I am on. I've read that wireguard is faster, but can I expect it to be as hidden as Stealth

Link to post
Share on other sites
On 12/10/2020 at 10:52 PM, taek said:

Does the Wireguard provide the same security as the stealth protocol or should I continue to use the setup options I am on. I've read that wireguard is faster, but can I expect it to be as hidden as Stealth

you will probably not know it until you try it. Wireguard is very new, it could potentially have some unknown issues, openvpn is very stable but one of most resource hungry one. With wireguard you will reach max speeds with quite any device, even on SoC boards where openvpn will be always slower. If you can live with it, then it is good, but then another factor comes which is power/cpu usage which clearly is then a deciding factor. Where you do not need to be paranoid, go for wireguard, if you are paranoid, then :) use only setups which are bulletproof for you. 

However, if you speak about security, there are additional factors which you need to take in mind and one of them would be that openvpn relies on other packages (like openssl) and this by itself makes openvpn less security in theory, things from past like heartbleed only confirm what I said, it was openssl which allowed it.

If you talk about deep packet inspection (DPI), and I guess you do by asking about stealth, then both protocols can be easily identified, they are quite equal in that point, but openvpn seems to be more powerful/features for obfuscation (obfsprosy, shadowsocks...). Another possible advantage of openvpn would be usage of tcp many say is better/easier to bypass firwalls. Where, one needs to take in mind, that those things are just a theory for now and as many do say that openvpn is well established and with many ressources online available, it means also that those who you try to protect/obfuscate from also have good ressources, where in fact, with wireguard it could be also more secure due to the fact that it is also new for those who you protect from. This is really very subjective to say which one is more secure, for me it is wireguard and it includes also :) being more secure that my chips will not melt on older devices when their CPU hits 100% with openvpn.

If you rely on knowledge if your gov. (or whoever else you try to block from) can block you or blocks you, I can not give you the advice, you have to try it out and see, but in general, if you do something that is maybe against the law in your country, then use always only what is known to you that works (which is btw subjective too).

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
×
  • Create New...